Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-8889

Опубликовано: 28 окт. 2016
Источник: nvd
CVSS3: 6.2
CVSS2: 2.1
EPSS Низкий

Описание

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.2:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.2:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc4:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc5:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0.knots20160226:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.1.knots20160629:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.13.0.knots20160814:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00085
Низкий

6.2 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-pf2g-289p-wmj9

CVSS3: 6.2
github
больше 3 лет назад

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

EPSS

Процентиль: 25%
0.00085
Низкий

6.2 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200